Double Free Vulnerability in Radare2 Affects Multiple Versions
CVE-2021-32613

5.5MEDIUM

Key Information:

Vendor: Radare
Status: Radare2
Vendor: CVE Published:; 14 May 2021

🔔 Create Radare Vulnerability Alert

What is CVE-2021-32613?

A double free vulnerability exists in Radare2 before version 5.3.0 within the pyc parse functionality. This issue arises from improper memory management, allowing an attacker to exploit it through a crafted file, which may lead to a Denial of Service (DoS). Affected users running versions prior to the patched update should upgrade to mitigate this risk.

Affected Version(s)

radare2 radare2 versions before and including 5.3.0

References

https://bugzilla.redhat.com/show_bug.cgi?id=1959939

x_refsource_MISC

https://github.com/radareorg/radare2/issues/18679

x_refsource_MISC

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2021
Vulnerability Reserved
May 12, 2021

CVE-2021-32613 Data

.